A security hacker is someone who seeks to breach defenses and expwoit weaknesses in a computer system or network. Hackers may be motivated by a muwtitude of reasons, such as profit, protest, information gadering,[1] chawwenge, recreation,[2] or to evawuate system weaknesses to assist in formuwating defenses against potentiaw hackers. The subcuwture dat has evowved around hackers is often referred to as de computer underground.[3]

There is a wongstanding controversy about de term's true meaning. In dis controversy, de term hacker is recwaimed by computer programmers who argue dat it refers simpwy to someone wif an advanced understanding of computers and computer networks,[4]
and dat cracker is de more appropriate term for dose who break into computers, wheder computer criminaw (bwack hats) or computer security expert (white hats).[5][6] A 2014 articwe concwuded dat "... de bwack-hat meaning stiww prevaiws among de generaw pubwic".[7][tone]

History

In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. Whiwe incwuding dose who endeavor to strengden such mechanisms, it is more often used by de mass media and popuwar cuwture to refer to dose who seek access despite dese security measures. That is, de media portrays de 'hacker' as a viwwain, uh-hah-hah-hah. Neverdewess, parts of de subcuwture see deir aim in correcting security probwems and use de word in a positive sense. White hat is de name given to edicaw computer hackers, who utiwize hacking in a hewpfuw way. White hats are becoming a necessary part of de information security fiewd.[8] They operate under a code, which acknowwedges dat breaking into oder peopwe's computers is bad, but dat discovering and expwoiting security mechanisms and breaking into computers is stiww an interesting activity dat can be done edicawwy and wegawwy. Accordingwy, de term bears strong connotations dat are favorabwe or pejorative, depending on de context.

The subcuwture around such hackers is termed network hacker subcuwture, hacker scene, or computer underground. It initiawwy devewoped in de context of phreaking during de 1960s and de microcomputer BBS scene of de 1980s. It is impwicated wif 2600: The Hacker Quarterwy and de awt.2600 newsgroup.

In 1980, an articwe in de August issue of Psychowogy Today (wif commentary by Phiwip Zimbardo) used de term "hacker" in its titwe: "The Hacker Papers". It was an excerpt from a Stanford Buwwetin Board discussion on de addictive nature of computer use. In de 1982 fiwm Tron, Kevin Fwynn (Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a wittwe hacking here". CLU is de software he uses for dis. By 1983, hacking in de sense of breaking computer security had awready been in use as computer jargon,[9] but dere was no pubwic awareness about such activities.[10] However, de rewease of de fiwm WarGames dat year, featuring a computer intrusion into NORAD, raised de pubwic bewief dat computer security hackers (especiawwy teenagers) couwd be a dreat to nationaw security. This concern became reaw when, in de same year, a gang of teenage hackers in Miwwaukee, Wisconsin, known as The 414s, broke into computer systems droughout de United States and Canada, incwuding dose of Los Awamos Nationaw Laboratory, Swoan-Kettering Cancer Center and Security Pacific Bank.[11] The case qwickwy grew media attention,[11][12] and 17-year-owd Neaw Patrick emerged as de spokesman for de gang, incwuding a cover story in Newsweek entitwed "Beware: Hackers at pway", wif Patrick's photograph on de cover.[13] The Newsweek articwe appears to be de first use of de word hacker by de mainstream media in de pejorative sense.

Pressured by media coverage, congressman Dan Gwickman cawwed for an investigation and began work on new waws against computer hacking.[14][15]
Neaw Patrick testified before de U.S. House of Representatives on September 26, 1983, about de dangers of computer hacking, and six biwws concerning computer crime were introduced in de House dat year.[15] As a resuwt of dese waws against computer criminawity, white hat, grey hat and bwack hat hackers try to distinguish demsewves from each oder, depending on de wegawity of deir activities. These moraw confwicts are expressed in The Mentor's "The Hacker Manifesto", pubwished 1986 in Phrack.

Cwassifications

Severaw subgroups of de computer underground wif different attitudes use different terms to demarcate demsewves from each oder, or try to excwude some specific group wif whom dey do not agree.

Eric S. Raymond, audor of The New Hacker's Dictionary, advocates dat members of de computer underground shouwd be cawwed crackers. Yet, dose peopwe see demsewves as hackers and even try to incwude de views of Raymond in what dey see as a wider hacker cuwture, a view dat Raymond has harshwy rejected. Instead of a hacker/cracker dichotomy, dey emphasize a spectrum of different categories, such as white hat, grey hat, bwack hat and script kiddie. In contrast to Raymond, dey usuawwy reserve de term cracker for more mawicious activity.

According to Rawph D. Cwifford, a cracker or cracking is to "gain unaudorized access to a computer in order to commit anoder crime such as destroying information contained in dat system".[16] These subgroups may awso be defined by de wegaw status of deir activities.[17]

White hat

A white hat hacker breaks security for non-mawicious reasons, eider to test deir own security system, perform penetration tests, or vuwnerabiwity assessments for a cwient - or whiwe working for a security company which makes security software. The term is generawwy synonymous wif edicaw hacker, and de EC-Counciw,[18] among oders, have devewoped certifications, courseware, cwasses, and onwine training covering de diverse arena of edicaw hacking.[17]

Bwack hat

A "bwack hat" hacker is a hacker who "viowates computer security for wittwe reason beyond mawiciousness or for personaw gain" (Moore, 2005).[19] The term was coined by Richard Stawwman, to contrast de mawiciousness of a criminaw hacker versus de spirit of pwayfuwness and expworation in hacker cuwture, or de edos of de white hat hacker who performs hacking duties to identify pwaces to repair or as a means of wegitimate empwoyment.[20] Bwack hat hackers form de stereotypicaw, iwwegaw hacking groups often portrayed in popuwar cuwture, and are "de epitome of aww dat de pubwic fears in a computer criminaw".[21]

Grey hat

A grey hat hacker wies between a bwack hat and a white hat hacker. A grey hat hacker may surf de Internet and hack into a computer system for de sowe purpose of notifying de administrator dat deir system has a security defect, for exampwe. They may den offer to correct de defect for a fee.[21] Grey hat hackers sometimes find de defect of a system and pubwish de facts to de worwd instead of a group of peopwe. Even dough grey hat hackers may not necessariwy perform hacking for deir personaw gain, unaudorized access to a system can be considered iwwegaw and unedicaw.

Script kiddie

A script kiddie (awso known as a skid or skiddie) is an unskiwwed hacker who breaks into computer systems by using automated toows written by oders (usuawwy by oder bwack hat hackers), hence de term script (i.e. a prearranged pwan or set of activities) kiddie (i.e. kid, chiwd—an individuaw wacking knowwedge and experience, immature),[23] usuawwy wif wittwe understanding of de underwying concept.

Neophyte

A neophyte ("newbie", or "noob") is someone who is new to hacking or phreaking and has awmost no knowwedge or experience of de workings of technowogy and hacking.[21]

Bwue hat

A bwue hat hacker is someone outside computer security consuwting firms who is used to bug-test a system prior to its waunch, wooking for expwoits so dey can be cwosed. Microsoft awso uses de term BwueHat to represent a series of security briefing events.[24][25][26]

Hacktivist

A hacktivist is a hacker who utiwizes technowogy to pubwicize a sociaw, ideowogicaw, rewigious or powiticaw message.

A vuwnerabiwity scanner is a toow used to qwickwy check computers on a network for known weaknesses. Hackers awso commonwy use port scanners. These check to see which ports on a specified computer are "open" or avaiwabwe to access de computer, and sometimes wiww detect what program or service is wistening on dat port, and its version number. (Firewawws defend computers from intruders by wimiting access to ports and machines, but dey can stiww be circumvented.)

Finding vuwnerabiwities

Hackers may awso attempt to find vuwnerabiwities manuawwy. A common approach is to search for possibwe vuwnerabiwities in de code of de computer system den test dem, sometimes reverse engineering de software if de code is not provided.

Brute-force attack

Password guessing. This medod is very fast when used to check aww short passwords, but for wonger passwords oder medods such as de dictionary attack are used, because of de time a brute-force search takes.[30]

Password cracking

Password cracking is de process of recovering passwords from data dat has been stored in or transmitted by a computer system. Common approaches incwude repeatedwy trying guesses for de password, trying de most common passwords by hand, and repeatedwy trying passwords from a "dictionary", or a text fiwe wif many passwords.

Packet anawyzer

A packet anawyzer ("packet sniffer") is an appwication dat captures data packets, which can be used to capture passwords and oder data in transit over de network.

Spoofing attack (phishing)

A spoofing attack invowves one program, system or website dat successfuwwy masqwerades as anoder by fawsifying data and is dereby treated as a trusted system by a user or anoder program — usuawwy to foow programs, systems or users into reveawing confidentiaw information, such as user names and passwords.

Rootkit

A rootkit is a program dat uses wow-wevew, hard-to-detect medods to subvert controw of an operating system from its wegitimate operators. Rootkits usuawwy obscure deir instawwation and attempt to prevent deir removaw drough a subversion of standard system security. They may incwude repwacements for system binaries, making it virtuawwy impossibwe for dem to be detected by checking process tabwes.

Sociaw engineering

In de second stage of de targeting process, hackers often use Sociaw engineering tactics to get enough information to access de network. They may contact de system administrator and pose as a user who cannot get access to his or her system. This techniqwe is portrayed in de 1995 fiwm Hackers, when protagonist Dade "Zero Coow" Murphy cawws a somewhat cwuewess empwoyee in charge of security at a tewevision network. Posing as an accountant working for de same company, Dade tricks de empwoyee into giving him de phone number of a modem so he can gain access to de company's computer system.

Hackers who use dis techniqwe must have coow personawities, and be famiwiar wif deir target's security practices, in order to trick de system administrator into giving dem information, uh-hah-hah-hah. In some cases, a hewp-desk empwoyee wif wimited security experience wiww answer de phone and be rewativewy easy to trick. Anoder approach is for de hacker to pose as an angry supervisor, and when his/her audority is qwestioned, dreaten to fire de hewp-desk worker. Sociaw engineering is very effective, because users are de most vuwnerabwe part of an organization, uh-hah-hah-hah. No security devices or programs can keep an organization safe if an empwoyee reveaws a password to an unaudorized person, uh-hah-hah-hah.

Sociaw engineering can be broken down into four sub-groups:

Intimidation As in de "angry supervisor" techniqwe above, de hacker convinces de person who answers de phone dat deir job is in danger unwess dey hewp dem. At dis point, many peopwe accept dat de hacker is a supervisor and give dem de information dey seek.

Hewpfuwness The opposite of intimidation, hewpfuwness expwoits many peopwe's naturaw instinct to hewp oders sowve probwems. Rader dan acting angry, de hacker acts distressed and concerned. The hewp desk is de most vuwnerabwe to dis type of sociaw engineering, as (a.) its generaw purpose is to hewp peopwe; and (b.) it usuawwy has de audority to change or reset passwords, which is exactwy what de hacker wants.[31]

Name-dropping The hacker uses names of audorized users to convince de person who answers de phone dat de hacker is a wegitimate user him or hersewf. Some of dese names, such as dose of webpage owners or company officers, can easiwy be obtained onwine. Hackers have awso been known to obtain names by examining discarded documents ("dumpster diving").

Technicaw Using technowogy is awso a way to get information, uh-hah-hah-hah. A hacker can send a fax or emaiw to a wegitimate user, seeking a response dat contains vitaw information, uh-hah-hah-hah. The hacker may cwaim dat he or she is invowved in waw enforcement and needs certain data for an investigation, or for record-keeping purposes.

Trojan horses

A Trojan horse is a program dat seems to be doing one ding but is actuawwy doing anoder. It can be used to set up a back door in a computer system, enabwing de intruder to gain access water. (The name refers to de horse from de Trojan War, wif de conceptuawwy simiwar function of deceiving defenders into bringing an intruder into a protected area.)

Computer virus

A virus is a sewf-repwicating program dat spreads by inserting copies of itsewf into oder executabwe code or documents. By doing dis, it behaves simiwarwy to a biowogicaw virus, which spreads by inserting itsewf into wiving cewws. Whiwe some viruses are harmwess or mere hoaxes, most are considered mawicious.

Computer worm

Like a virus, a worm is awso a sewf-repwicating program. It differs from a virus in dat (a.) it propagates drough computer networks widout user intervention; and (b.) does not need to attach itsewf to an existing program. Nonedewess, many peopwe use de terms "virus" and "worm" interchangeabwy to describe any sewf-propagating program.

Keystroke wogging

A keywogger is a toow designed to record ("wog") every keystroke on an affected machine for water retrievaw, usuawwy to awwow de user of dis toow to gain access to confidentiaw information typed on de affected machine. Some keywoggers use virus-, trojan-, and rootkit-wike medods to conceaw demsewves. However, some of dem are used for wegitimate purposes, even to enhance computer security. For exampwe, a business may maintain a keywogger on a computer used at a point of sawe to detect evidence of empwoyee fraud.

Attack patterns

Attack patterns are defined as series of repeatabwe steps dat can be appwied to simuwate an attack against de security of a system. They can be used for testing purposes or wocating potentiaw vuwnerabiwities. They awso provide, eider physicawwy or in reference, a common sowution pattern for preventing a given attack.

Toows and Procedures

A dorough examination of hacker toows and procedures may be found in Cengage Learning's E|CSA certification workbook.[32]

Notabwe security hackers

Dan Kaminsky is a DNS expert who exposed muwtipwe fwaws in de protocow and investigated Sony's rootkit security issues in 2005. He has spoken in front of de United States Senate on technowogy issues.

Ed Cummings (awso known as Bernie S) is a wongstanding writer for 2600: The Hacker Quarterwy. In 1995, he was arrested and charged wif possession of technowogy dat couwd be used for frauduwent purposes, and set wegaw precedents after being denied bof a baiw hearing and a speedy triaw.

Jacob Appewbaum is an advocate, security researcher, and devewoper for de Tor project. He speaks internationawwy for usage of Tor by human rights groups and oders concerned about Internet anonymity and censorship.

Rafaew Núñez, a.k.a. RaFa, was a notorious hacker who was sought by de Federaw Bureau of Investigation in 2001. He has since become a respected computer security consuwtant and an advocate of chiwdren's onwine safety.

Customs

The computer underground[2] has produced its own speciawized swang, such as 1337speak. Its members often advocate freedom of information, strongwy opposing de principwes of copyright, as weww as de rights of free speech and privacy.[citation needed] Writing software and performing oder activities to support dese views is referred to as hacktivism. Some consider iwwegaw cracking edicawwy justified for dese goaws; a common form is website defacement. The computer underground is freqwentwy compared to de Wiwd West.[42] It is common for hackers to use awiases to conceaw deir identities.

Conseqwences for mawicious hacking

India

Section

Offence

Punishment

65

Tampering wif computer source documents – Intentionaw conceawment, destruction or awteration of source code when de computer source code is reqwired to be kept or maintained by waw for de time being in force

Imprisonment up to dree years, or/and wif fine up to 20000 rupees

66

Hacking

Imprisonment up to dree years, or/and wif fine up to 50000 rupees

Nederwands

Articwe 138ab of Wetboek van Strafrecht prohibits computervredebreuk, which is defined as intruding an automated work or a part dereof wif intention and against de waw. Intrusion is defined as access by means of:

United States

A computer excwusivewy for de use of a financiaw institution or de United States Government, or, in de case of a computer not excwusivewy for such use, used by or for a financiaw institution or de United States Government and de conduct constituting de offense affects dat use by or for de financiaw institution or de Government.

A computer which is used in or affecting interstate or foreign commerce or communication, incwuding a computer wocated outside de United States dat is used in a manner dat affects interstate or foreign commerce or communication of de United States;

The maximum imprisonment or fine for viowations of de Computer Fraud and Abuse Act depends on de severity of de viowation and de offender's history of viowations under de Act.

Hacking and de media

Hacker magazines

The most notabwe hacker-oriented print pubwications are Phrack, Hakin9 and 2600: The Hacker Quarterwy. Whiwe de information contained in hacker magazines and ezines was often outdated by de time dey were pubwished, dey enhanced deir contributors' reputations by documenting deir successes.[43]